Return-Path: Delivered-To: apmail-geronimo-dev-archive@www.apache.org Received: (qmail 95637 invoked from network); 23 Jan 2009 05:02:24 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 23 Jan 2009 05:02:24 -0000 Received: (qmail 58654 invoked by uid 500); 23 Jan 2009 00:58:22 -0000 Delivered-To: apmail-geronimo-dev-archive@geronimo.apache.org Received: (qmail 58621 invoked by uid 500); 23 Jan 2009 00:58:22 -0000 Mailing-List: contact dev-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: dev@geronimo.apache.org List-Id: Delivered-To: mailing list dev@geronimo.apache.org Received: (qmail 58607 invoked by uid 99); 23 Jan 2009 00:58:22 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 22 Jan 2009 16:58:22 -0800 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 23 Jan 2009 00:58:20 +0000 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id A0E94234C4A9 for ; Thu, 22 Jan 2009 16:57:59 -0800 (PST) Message-ID: <2109440237.1232672279657.JavaMail.jira@brutus> Date: Thu, 22 Jan 2009 16:57:59 -0800 (PST) From: "David Jencks (JIRA)" To: dev@geronimo.apache.org Subject: [jira] Closed: (GERONIMO-4521) ejb apps with spec security constraints should only deploy if there are corresponding geronimo security constraints, as with web apps In-Reply-To: <1501308339.1232671919571.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/GERONIMO-4521?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] David Jencks closed GERONIMO-4521. ---------------------------------- Resolution: Fixed trunk rev 736874 branches/2.1 rev 736877 > ejb apps with spec security constraints should only deploy if there are corresponding geronimo security constraints, as with web apps > ------------------------------------------------------------------------------------------------------------------------------------- > > Key: GERONIMO-4521 > URL: https://issues.apache.org/jira/browse/GERONIMO-4521 > Project: Geronimo > Issue Type: Improvement > Security Level: public(Regular issues) > Components: deployment, OpenEJB > Affects Versions: 2.1.3, 2.1.4, 2.2 > Reporter: David Jencks > Assignee: David Jencks > Fix For: 2.1.4, 2.2 > > > for quite a while we have only allowed you to deploy a web app with security constraints if you also supply a geronimo security configuration; otherwise you get no security constraints at all. We should be doing the same for ejb apps. While this may be inconvenient for those who want to try deploying an app without completing the configuration, the alternative is to give the impression that the deployed app is enforcing the security constraints -- which it is not. > I suppose an alternative might be to figure out a way to deploy and just forbid access to any resources that are constrained. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.